Here is a collections of pointers on the issue of TLS (was SSL) security. First some URLs:

http by W3C
SSL 3.0; Wikipedia on TLS; TLS 1.2, 2008
Netsacpe’s definition of Cookies, which bears on some issues I want to raise.
Cookie RFC? but newer

I raise some issues on the use of TLS that bear on the efficacy of PKI.
Here I raise some issues on the security of Cookies.

Down with CAs
PKI Logic
Extended Validation
Marlinspike’s Perspective
The Bare YURL


My experience with the SSH1 Mac client